Bug 1070358

Summary: openswan breaks NAT-T draft clients (and possibly ike fragmentation)
Product: Red Hat Enterprise Linux 5 Reporter: Paul Wouters <pwouters>
Component: openswanAssignee: Paul Wouters <pwouters>
Status: CLOSED ERRATA QA Contact: Aleš Mareček <amarecek>
Severity: high Docs Contact:
Priority: high    
Version: 5.11CC: amarecek, eparis, mnavrati, pwouters
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Previously, Openswan supported a NAT-T negotiation method which used a notification number that was assigned by the Internet Assigned Numbers Authority (IANA) for another option. This wrong option was therefore removed. As a consequence, clients supporting non-RFC versions of NAT-T could not establish an Openswan connection. With this update, Openswan has been modified to fully ignore that option, and clients can send both the wrong option and the draft or the RFC option to connect to Openswan successfully.
 Story Points: ---
Clone Of: 1070356 Environment:
Last Closed: 2014-09-16 00:24:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1070356    
Bug Blocks:    

Comment 1 RHEL Program Management 2014-03-07 13:31:43 UTC 
This bug/component is not included in scope for RHEL-5.11.0 which is the last RHEL5 minor release. This Bugzilla will soon be CLOSED as WONTFIX (at the end of RHEL5.11 development phase (Apr 22, 2014)). Please contact your account manager or support representative in case you need to escalate this bug.
Comment 3 RHEL Program Management 2014-03-31 05:48:11 UTC 
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release.  Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products.  This request is not yet committed for inclusion in
a release.
Comment 8 errata-xmlrpc 2014-09-16 00:24:01 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1223.html